Friday, September 4, 2009

Court Allows Woman to Sue Bank for Lax Security After $26,000 Stolen by Hacker

What's happening: Banks continue to assert they are not responsible when cyberthieves show up at the online-teller-window with legitimate user-ids and passwords. This lawsuit will test that assertion.

What it means:
Banks may be losing the shield they have been hiding behind that absolves them of responsibility for cybercrime.

What to do:
Stay tuned as we watch the legal playing field evolve. Email our Guide An Emerging Information Security Minimum Standard of Due Care to your attorney.

**********************************


Threat Level; Wired Magazine: An Illinois district court has allowed a couple to sue their bank on the ... grounds that it may have failed to sufficiently secure their account, after an unidentified hacker obtained a $26,500 loan on the account using the customers’ user name and password. ... As initially reported by legal blogger, David Johnson, Marsha and Michael Shames-Yeakel sued Citizens Financial Bank in 2007 in the northern district of Illinois on several grounds, including a claim that the bank failed to provide state-of-the-art security measures to protect their account. ... Judge Pallmeyer stated that, “In light of Citizens’ apparent delay in complying with FFIEC security standards, a reasonable finder of fact could conclude that the bank breached its duty to protect Plaintiffs’ account against fraudulent access.”

http://www.wired.com/threatlevel/2009/09/citizens-financial-sued/